Full Disclosure mailing list archives
Re: The worm author finally revealed!
From: Paul Schmehl <pauls () utdallas edu>
Date: 31 Jan 2003 12:37:04 -0600
On Fri, 2003-01-31 at 10:44, Ron DuFresne wrote:
As mentioned in another list, all this trouble M$ folks have with patching, and indeed it seems a carzy mess in the windows world, whence various badly compiled patches will back you out of fixes from the privous patch, as well as the issues of what thrid party software might do the same as well as make you open to a potential vuln you weren't subject to prior, sheesh the list goes one, we need to pity these porr windows admins. Russ Cooper had a few posts in ntbugtraq outlining the complexity with just the windows base OS upgrades, let alone 3rd party stuff...
Here's a good example. We recently purchased HEAT (a Help Desk - call tracking product) and installed it on a Windows 2000 Server running SQL (required for HEAT.) During the Slammer mess, the box went down, and it hasn't been back up since. We *thought* it was due to Slammer, but further investigation revealed that one of our admins had patched the box on Friday - before Slammer hit us - and the *patch* is what took the server down. (The Windows OS is still working, but HEAT is not.) Backing the patches out didn't do a thing, so now we have to return all the way to SP2, reinstall HEAT and then patch back to the level right *before* the one that took it down. You can just imagine how thrilled the admins are to have to do that - and the next time they have to patch that box, they'll be real leery about doing it. And these are admins who are *very* conscientious about patching and *very* aware of security issues. Multiply this times 500,000 similar situations worldwide and you have a rudimentary grasp of the problem. -- Paul Schmehl (pauls () utdallas edu) Adjunct Information Security Officer The University of Texas at Dallas http://www.utdallas.edu/~pauls/ AVIEN Founding Member _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- RE: The worm author finally revealed!, (continued)
- RE: The worm author finally revealed! futureshoks (Jan 31)
- Re: The worm author finally revealed! HggdH (Jan 31)
- Re: The worm author finally revealed! Mark Renouf (Jan 31)
- Re: The worm author finally revealed! Paul Schmehl (Jan 31)
- Re: The worm author finally revealed! Ron DuFresne (Jan 31)
- Re: The worm author finally revealed! David Howe (Jan 31)
- Re: The worm author finally revealed! Paul Schmehl (Jan 31)
- Re: The worm author finally revealed! Ron DuFresne (Jan 31)
- Re: The worm author finally revealed! yossarian (Jan 31)
- RE: The worm author finally revealed! futureshoks (Jan 31)
- Re: The worm author finally revealed! Ron DuFresne (Jan 31)
- Re: The worm author finally revealed! Paul Schmehl (Jan 31)
- Re: The worm author finally revealed! madsaxon (Jan 31)
- Re: The worm author finally revealed! Paul Schmehl (Jan 31)